CVE-2018-11412 (retired)

In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() infs/ext4/inline.c performs a memcpy with an untrusted length value incertain circumstances involving a crafted filesystem that stores thesystem.data extended attribute value in a dedicated inode.

Ubuntu-Description

Jann Horn discovered that the ext4 filesystem implementation in the Linuxkernel did not properly keep xattr information consistent in somesituations. An attacker could use this to construct a malicious ext4 imagethat, when mounted, could cause a denial of service (system crash) orpossibly execute arbitrary code.